There are many good reasons to add a SSL to your site, we won’t go into detail here but to name a few:
- Google now gives a SEO boost to sites with SSL
- Your users are more protected!
- Some browsers (Chrome) now require SSL for geo-location to work
This tutorial will walk you through everything from buying a SSL certificate to installing it on your cpanel hosting.
Buying the SSL
There are many places to buy a SSL and even some that will give you one for free (with a little work). SSL certificates for most purposes are the same, if you are reading this then i guess your knowledge about them is limited so in simple terms you have 2 main types #1 expensive Organsiation/Extended SSL’s that take a few days to get but usually give you the full green bar or company name in the URL bar and then there are #2 less expensive “Domain Validation” certificates that take only a few minutes to get and give you the green padlock in the URL bar, this 2nd option is the one we will be using in this tutorial.
Domain Validation SSL certificates are mostly all the same, a $100 one will do the same job as a $5 one, the only thing that can go wrong is that the company issuing the certificate can have their master trust certificate revoked which could invalidate your SSL, this is very rare but is something to think about. My general rule when buying a SSL is find the cheapest from a company you have heard of. In our case i did a little searching and found one on NameCheap.com for £6.20/$9 per year. I did find cheaper but i had not heard of the companies before so i decided to go with NamesCheap who i have used in the past for domains.
Installing the SSL
This is the complicated part but if you have cpanel hosting like we are using for this tutorial then it makes it a bit simpler.
Installing the SSL – Step 1 : Certificate Signing Requests (CSR)
A CSR is needed to sign your SSL certificate before it can be generated, this gives the certificate your information for your use.
Log into your cpanel hosting account and look for SSL/TLS:
In that page click the link to generate a CSR:
Fill out the required information as requested, be sure when entering your domains you add one beginning www. at the beginning other wise domain with www in them will not be validated, if you use any other sub-domains they should also be entered here. You can buy wildcard (*.) SSL’s but they are more expensive:
Installing the SSL – Step 2 : Activate/Generate SSL
You will then need to confirm you own the domain through Domain Control Validation (DCV), this can be done 3 ways:
The easiest way is email validation, select it and then enter your contact info and Submit.
You will then receive and email with a code which you then click the link and enter the code to validate.
Your certificate will usually be emailed within 5 minutes but it can take up to 40 minutes for it to show in your NamesCheap.com account (for syncing reasons)
Installing the SSL – Step 3 : Install your SSL Certificate
You will have been emailed your SSL certificate as a zip and also as a text format and you can also download it from your NamesCheap dashboard.
Go back to your cpanel SSL/TLS and select “Manage SSL sites”:
Paste in your SSL certificate text (CRT) file text and then click “Autofill by certificate”:
Then click “Install Certificate” and if all goes well you will see the success and be finished:
Sometimes you will have hard coded urls in your database, there is a handy plugin called Better Search Replace You can use this plugin to search for your url (http://your-url.com) and replace with the SSL version (https://your-url.com)
Another useful plugin can be WP Force SSL which will force all urls to HTTPS and tell google to use those.